Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create rmfakecloud-proxy package #448

Merged
merged 19 commits into from
Dec 7, 2021

Conversation

matteodelabre
Copy link
Member

@matteodelabre matteodelabre commented Sep 29, 2021

This PR provides a new package intended to ease the setup of rmfakecloud on a device. rmfakecloud is an alternative Xochitl sync server developed by ddvk that anyone can self-host. With this package, connecting to an rmfakecloud server only takes a few steps:

  • opkg install rmfakecloud-proxy
  • rmfakecloudctl set-upstream https://... (define the server to use)
  • rmfakecloudctl enable

One can then run rmfakecloudctl disable (or uninstall the package) to revert back to the default reMarkable servers.

Technical details

This package reuses most of its logic from the rmfakecloud-proxy installer https://github.com/ddvk/rmfakecloud-proxy/blob/master/scripts/installer.sh, but makes it more integrated with Toltec. The following steps happen when enabling rmfakecloud-proxy:

  • A local certificate authority and a self-signed certificate are generated for the reMarkable cloud domain names (stored in /opt/var/rmfakecloud-proxy).
  • The rmfakecloud-proxy service is enabled. This is a proxy server listening on 127.0.42.10 which forwards any requests it receives to the server selected by running rmfakecloudctl set-upstream.
  • Entries are written to the /etc/hosts file to direct requests to the reMarkable cloud to the rmfakecloud-proxy server.

Additionally, if one is already connected to the reMarkable cloud in Xochitl when enabling rmfakecloud-proxy (or connected to rmfakecloud when disabling it), the script takes care of disconnecting them and marking their files as unsynced. This prevents Xochitl from believing that the files have disappeared from the server and therefore deleting them.

The “enabled” state survives package upgrades and system upgrades. This state is stored as a file in /opt/etc/rmfakecloud-proxy/enabled which exists if and only if the proxy is enabled.

Test plan

Please make a backup of your files (in ~/.local/share/remarkable/xochitl) before testing this.

To test this PR, you’ll need access to an rmfakecloud instance. I can give temporary access to my instance if needed.

The following scenarios should be tested:

  • Installing and enabling rmfakecloud-proxy while previously being connected to the reMarkable cloud: you should get disconnected from the rM cloud, no files should be lost, and they should sync to the new server after connecting to your account.
  • Installing and enabling rmfakecloud-proxy while not being connected to the rM cloud: your files should sync to the new server after connecting to your account.
  • After enabling rmfakecloud-proxy, switching to a different rmfakecloud server with rmfakecloud set-upstream: you should get disconnected from the previous server and no files should be lost.
  • Upgrading the system while being connected to rmfakecloud: the rmfakecloud connection should be re-enabled after running toltecctl reenable.
  • Running rmfakecloudctl disable should remove entries from the /etc/hosts file, uninstall the self-signing CA and disconnect the user. No files should be lost.
  • Removing the rmfakecloud-proxy package should disable rmfakecloud as before.

This PR provides a new package intended to ease the setup of rmfakecloud on a device. [rmfakecloud](https://github.com/ddvk/rmfakecloud) is an alternative Xochitl sync server developed by ddvk that anyone can self-host. With this package, connecting to an rmfakecloud server only takes a few steps:

* `opkg install rmfakecloud-proxy`
* `rmfakecloudctl set-upstream https://...` (define the server to use)
* `rmfakecloudctl enable`

One can then run `rmfakecloudctl disable` (or uninstall the package) to revert back to the default reMarkable servers.

Technical details
-----------------

This package reuses most of its logic from the rmfakecloud-proxy installer <https://github.com/ddvk/rmfakecloud-proxy/blob/master/scripts/installer.sh>, but makes it more integrated with Toltec. The following steps happen when enabling rmfakecloud-proxy:

* A local certificate authority and a self-signed certificate are generated for the reMarkable cloud domain names (stored in `/opt/var/rmfakecloud-proxy`).
* The `rmfakecloud-proxy` service is enabled. This is a proxy server listening on `127.0.42.10` which forwards any requests it receives to the server selected by running `rmfakecloudctl set-upstream`.
* Entries are written to the `/etc/hosts` file to direct requests to the reMarkable cloud to the `rmfakecloud-proxy` server.

Additionally, if one is already connected to the reMarkable cloud in Xochitl when enabling rmfakecloud-proxy (or connected to rmfakecloud when disabling it), the script takes care of disconnecting them and marking their files as unsynced. This prevents Xochitl from believing that the files have disappeared from the server and therefore deleting them.

The “enabled” state survives package upgrades and system upgrades. This state is stored as a file in `/opt/etc/rmfakecloud-proxy/enabled` which exists if and only if the proxy is enabled.

Test plan
---------

Please make a backup of your files (in `~/.local/share/remarkable/xochitl`) before testing this.

To test this PR, you’ll need access to an rmfakecloud instance. I can give temporary access to my instance if needed.

The following scenarios should be tested:

* Installing and enabling rmfakecloud-proxy while previously being connected to the reMarkable cloud: no files should be lost and they should sync to the server.
* Installing and enabling rmfakecloud-proxy while not being connected to the rM cloud: same result as before.
* After enabling rmfakecloud-proxy, switching to a different rmfakecloud server with `rmfakecloud set-upstream`: no files should be lost.
* Upgrading the system while being connected to rmfakecloud: the rmfakecloud connection should be re-enabled after running `toltecctl reenable`.
* Running `rmfakecloudctl disable` should remove entries from the `/etc/hosts` file, uninstall the self-signing CA and disconnect the user. No files should be lost.
* Removing the rmfakecloud-proxy package should disable rmfakecloud.
@matteodelabre matteodelabre added the packages Add or improve packages of the repository label Sep 29, 2021
@matteodelabre
Copy link
Member Author

I’ve been testing this for a few days on my rM2 and haven’t had any issues. Testers wanted! (Please see the test plan above.)

@matteodelabre
Copy link
Member Author

Any thoughts on this @ddvk?

@ddvk
Copy link

ddvk commented Sep 29, 2021

nicely done 👍

@ddvk
Copy link

ddvk commented Sep 29, 2021

btw, there is a -c option now that accepts a yml config file

if is-enabled; then
echo "rmfakecloud-proxy is already enabled."
else
disconnect-cloud
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should we trap various signals here that would cause an exit and disable?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You mean trapping script errors? Or do you have other cases in mind?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Script errors, also ctrl-c or another interrupt signal.

@matteodelabre
Copy link
Member Author

I'll have to investigate further but the preremove script of this package fails when invoked as part of toltecctl uninstall.

@Eeems
Copy link
Member

Eeems commented Oct 5, 2021

I'll have to investigate further but the preremove script of this package fails when invoked as part of toltecctl uninstall.

Should this be changed to a draft until you resolve this?

@matteodelabre matteodelabre marked this pull request as draft October 5, 2021 17:26
@matteodelabre
Copy link
Member Author

The toltecctl uninstall issue is due to the script relying on pgrep being available (as specified in installdepends) while it seems that the uninstall command does not honor dependencies and removes pgrep before this package. As a workaround, I’ve reimplemented a very basic pgrep inside the Bash script, but we may want to look into making the uninstall command properly manage dependencies in a separate issue.

matteodelabre added a commit that referenced this pull request Oct 6, 2021
`toltecctl uninstall` will now try to uninstall packages in the reverse order of their dependencies, so that a package can use binaries it depends on during its removal scripts (see #448). Packages in a dependency cycle are removed in an unspecified order.

Test plan: Upgrade `toltec-bootstrap`, install some packages, then run `toltecctl uninstall`. You should see packages removed in reverse dependency order, so for example:

* `libc`, `libpthread`, `libgcc` should generally be the last removed packages
* graphical apps should get removed before `display`
* `toltec-bootstrap` should get removed before `coreutils-tsort`
@matteodelabre
Copy link
Member Author

I added back the dependency on pgrep. Provided that the updated uninstall script from #456 is used, this package now uninstalls without errors during toltecctl uninstall.

@matteodelabre matteodelabre marked this pull request as ready for review October 6, 2021 10:01
Copy link
Member

@Eeems Eeems left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add traps for ctrl-c/other interrupt signals to avoid leaving things in a bad state.

matteodelabre added a commit that referenced this pull request Oct 15, 2021
`toltecctl uninstall` will now try to uninstall packages in the reverse order of their dependencies, so that a package can use binaries it depends on during its removal scripts (see #448). Packages in a dependency cycle are removed in an unspecified order.
Eeems pushed a commit that referenced this pull request Oct 22, 2021
`toltecctl uninstall` will now try to uninstall packages in the reverse order of their dependencies, so that a package can use binaries it depends on during its removal scripts (see #448). Packages in a dependency cycle are removed in an unspecified order.
Eeems pushed a commit that referenced this pull request Oct 22, 2021
`toltecctl uninstall` will now try to uninstall packages in the reverse order of their dependencies, so that a package can use binaries it depends on during its removal scripts (see #448). Packages in a dependency cycle are removed in an unspecified order.
Eeems added a commit that referenced this pull request Nov 20, 2021
* toltecctl: Honour dependencies when uninstalling (#456)

`toltecctl uninstall` will now try to uninstall packages in the reverse order of their dependencies, so that a package can use binaries it depends on during its removal scripts (see #448). Packages in a dependency cycle are removed in an unspecified order.

* [rmkit] upgrade remux with rM1 support on 2.9 (#450)

this brings remux up to date with rmkit-dev/rmkit@8254893

major improvement is proper support for touch gestures in remux on rM1 after rebooting. the main issue was the display was resizing after remux started, so the touch gestures were using the wrong display size. holding the center button on rM1 would cause remux to restart (and fix this problem), so there is a workaround available.

* Update KOReader to 2021.10 (#467)

Co-authored-by: raisjn <[email protected]>

* Add cache for dependencies install (#473)

* Add cache for dependencies install

Co-authored-by: Mattéo Delabre <[email protected]>
Co-authored-by: raisjn <[email protected]>
Co-authored-by: Mattéo Delabre <[email protected]>
@matteodelabre
Copy link
Member Author

Added an error handler to the rmfakecloudctl enable command that cleans up the install if it gets interrupted or encounters an error. To test, run the command and do Ctrl-C at any time during the install, or insert a failing command somewhere in the install() function of /opt/bin/rmfakecloudctl. Afterwards, check that the following has been cleaned up:

  • /usr/local/share/ca-certificates should be empty
  • /opt/var/rmfakecloud-proxy should be empty
  • /opt/etc/rmfakecloud-proxy should be empty
  • /etc/hosts should be free of cloud override lines
  • /etc/ssl/certs should be free of symlinks to /usr/local/share/ca-certificates/rmfakecloud-ca.crt

(cc @Eeems)

matteodelabre added a commit to toltec-dev/web that referenced this pull request Nov 27, 2021
This PR adds a detailed step-by-step guide to setting up rmfakecloud-proxy on a device (see toltec-dev/toltec#448). It is to be merged when the package reaches the stable branch.
@matteodelabre
Copy link
Member Author

I propose to add a guide to our website for how to use this package to connect to alternative sync servers. See toltec-dev/web#8.

@Eeems
Copy link
Member

Eeems commented Dec 5, 2021

Just tried to run through the first test and it looks like rmfakecloud-proxy.service fails to start after running rmfakecloudctl enable and there is no feedback to the user that it failed.

image

Steps that I took:

  1. Installed package
  2. rmfakecloudctl set-upstream ...
  3. rmfakecloudctl enable
  4. ctrl-c while it's running
  5. rmfakecloudctl enable

Looks like the set-upstream configuration was wiped before enable was called.

After a disable, set-upstream, enable it worked. I was able to connect after generating a code, and all my documents started uploading!

rmfakecloudctl should also have a status method to check on the current upstream, if it's enabled, and if it's running.

@Eeems Eeems self-requested a review December 5, 2021 02:51
Copy link
Member

@Eeems Eeems left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

While I think the issue I found should be resolved, and rmfakecloudctl should be enhanced, I think it's worth getting this into testing first.

@Eeems
Copy link
Member

Eeems commented Dec 7, 2021

@matteodelabre poke?

@matteodelabre
Copy link
Member Author

Thanks for the review @Eeems! As you proposed I’ll go ahead and merge this, and will make a follow-up PR to address your points.

@matteodelabre matteodelabre merged commit 6705250 into testing Dec 7, 2021
@matteodelabre matteodelabre deleted the package/rmfakecloud-proxy/create branch December 7, 2021 15:07
Eeems added a commit that referenced this pull request Dec 15, 2021
This PR provides a new package intended to ease the setup of rmfakecloud on a device. [rmfakecloud](https://github.com/ddvk/rmfakecloud) is an alternative Xochitl sync server developed by ddvk that anyone can self-host. With this package, connecting to an rmfakecloud server only takes a few steps:

* `opkg install rmfakecloud-proxy`
* `rmfakecloudctl set-upstream https://...` (define the server to use)
* `rmfakecloudctl enable`

One can then run `rmfakecloudctl disable` (or uninstall the package) to revert back to the default reMarkable servers.

Co-authored-by: Nathaniel van Diepen <[email protected]>
Eeems added a commit that referenced this pull request Dec 17, 2021
* Update xochitl.oxide to support templatectl (#505)

* Update xochitl.oxide to support templatectl

Co-authored-by: Linus K. <[email protected]>
Co-authored-by: Linus K <[email protected]>

* Create rmfakecloud-proxy package (#448)

This PR provides a new package intended to ease the setup of rmfakecloud on a device. [rmfakecloud](https://github.com/ddvk/rmfakecloud) is an alternative Xochitl sync server developed by ddvk that anyone can self-host. With this package, connecting to an rmfakecloud server only takes a few steps:

* `opkg install rmfakecloud-proxy`
* `rmfakecloudctl set-upstream https://...` (define the server to use)
* `rmfakecloudctl enable`

One can then run `rmfakecloudctl disable` (or uninstall the package) to revert back to the default reMarkable servers.

Co-authored-by: Nathaniel van Diepen <[email protected]>

* Remove rmfakecloud-proxy

Co-authored-by: Linus K. <[email protected]>
Co-authored-by: Mattéo Delabre <[email protected]>
Co-authored-by: Mattéo Delabre <[email protected]>
Eeems added a commit that referenced this pull request Jan 12, 2022
This PR provides a new package intended to ease the setup of rmfakecloud on a device. [rmfakecloud](https://github.com/ddvk/rmfakecloud) is an alternative Xochitl sync server developed by ddvk that anyone can self-host. With this package, connecting to an rmfakecloud server only takes a few steps:

* `opkg install rmfakecloud-proxy`
* `rmfakecloudctl set-upstream https://...` (define the server to use)
* `rmfakecloudctl enable`

One can then run `rmfakecloudctl disable` (or uninstall the package) to revert back to the default reMarkable servers.

Co-authored-by: Nathaniel van Diepen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
packages Add or improve packages of the repository
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants